Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix binding signature generation using shorter hash than expected for…
… some ECDSA subkeys The required hash size was determined based on the subkey algo rather than the primary key. As a result, if the subkey being certified required a shorter hash size than the ECDSA primary key, the issued signature would include a shorter digest than expected. This issue is not expected to have practical security impact, and it only affected keys with ECDSA subkeys with smaller key sizes than their ECDSA primary key (e.g. NIST p521 primary key and NIST p256 subkey).
- Loading branch information